cURL / Mailing Lists / curl-library / Single Mail


Re: HTTP 401- Unauthorized error.

From: Daniel Stenberg <>
Date: Thu, 30 Apr 2009 14:21:11 +0200 (CEST)

On Thu, 30 Apr 2009, Pankaj Kumar Maharana wrote:

> What I observed is libcurl only sends the request once to the server with
> username and password. i.e.

No, if you set CURLOPT_USERPWD to an easy handle, all requests done using that
handle will send/use those credentials.

> I am doing curl_easy_setopt(handle, CURLOPT_USERPWD, "Wrong :
> Userpassword"); in the header callback function, when I receive a HTTP 401
> error code. After setting this incorrect user-name and password with the
> CURL handle CURL returns HTTP 401 error again. But CURL does not send the
> username and password set with the handle second time to the server.

Right, but this description omits a very important detail! Your code *ALSO*
sets CURLAUTH_ANY, thus enabling all authentication methods libcurl knows
about and when you do that it cannot and will not unconditionally send away
Basic credentials in requests. It would be stupid to do so.

Received on 2009-04-30